BAE Systems chief outlines drone hacks in appeal to cyber defenders

Published: 8 December 2025
a sky in the colors of the polish flag, red and white, drone flying, black debris
Image by Cybernews.

Adrian Nish, director of Europe East at BAE Systems, issued an appeal to talented cyber defense specialists last week, urging them to apply their skills to the emerging challenge of drone interception.

Speaking at the CyberThreat conference at Chelsea Football Stadium in London last Wednesday, at an event organized by the SANS institute for the National Cyber Security Centre, Nish called on both offensive and defensive security practitioners to turn their expertise towards keeping people safe.

“Malicious drones are flying pieces of malware, code that is up in the air with physical rotors. If it's being used maliciously, that’s just like malware. And there’s an opportunity now to bring our knowledge and use it for good,” he said.

ADVERTISEMENT

Nish pointed to the career shift of Finnish security pioneer Mikko Hyppönen, who recently moved from antivirus research into the drone industry, describing it as an example of how cyber defenders are beginning to “pivot” towards aerial security.

During the presentation the security leader also detailed how his team of researchers have already demonstrated methods for hacking ISR drones by extracting and reverse-engineering their firmware.

Who are the drone threat actors?

Nish noted that the threats emerging from unmanned systems closely mirror the familiar hierarchy of actors in cybercrime. Lone operators – sometimes teenagers – are increasingly behind reckless drone incursions, including quadcopters flown close to critical military assets simply to prove it can be done.

Criminal groups are deploying drones for smuggling, surveillance, and attacks on law enforcement, particularly in South America, where Nish said that armed groups are “learning lessons from Ukraine.”

State actors, meanwhile, are rapidly scaling their own drone arsenals for reconnaissance and direct attacks.

The three broad classes of drone

The majority of drones in circulation – around 80%- are commercial off-the-shelf models, such as the DJI Phantom and the DJI Mavic, which can be purchased online at Amazon.

ADVERTISEMENT

Custom-built devices, often derived from FPV (first-person view) and racing kits, allow operators to tailor drones for specific missions, from evading detection to carrying heavier payloads.

At the highest tier are military-grade systems, including Russia’s Orlan-10 and Iran’s Shahed-136 one-way attack drones, both widely used in Ukraine.

Ukraineresized
Ukraine armed forces inspecting first-person view (FPV) drones

The Shahed-136 — a 50kg warhead loitering munition (designed to explode on impact) which Nish comparably prices to "a family car" has become so prolific that Russia is reportedly refining and mass-producing variants at scale.

In terms of gaining knowledge of drones, Nish said that Ukraine presents the most advanced real-world drone laboratory to date, with “up to 800 drone attacks a day” during an intense period.

Defenses lag behind

Despite the volume of attacks, countermeasures remain fragmented, Nish explained. Electronic warfare systems can jam signals, but customized drones often operate on unpredictable frequencies. The alternative – kinetic interception – relies on expensive missile or gun systems not designed for small, low-cost targets.

This is where cybersecurity expertise can make a difference, Nish claimed: Drones are fundamentally computers with motors, he said, and their internal architectures remain surprisingly insecure.

“There’s no firewalls on drones, no protection from the outer world.”

“If you know what frequency, you can just talk to them. There’s no segregation of systems. The state of security in drones is not like enterprise IT. It’s really quite basic.”

ADVERTISEMENT

Inside a hijack: the ISR drone case study

Nish said that over a two-year period, BAE Systems has been examining how to hijack drones, with efforts focusing on the compromise of a widely-used, long-range transceiver found in IRS (Intelligence, Surveillance and Reconnaissance) drones.

The device featured strong transmission security – including frequency hopping – and encryption. But implementation errors created hidden openings.

The team began by obtaining the drone’s firmware. In this case, a version was publicly accessible on the manufacturer’s website, albeit encrypted. They identified an older legacy firmware release that utilized the same cryptographic key – an oversight that enabled them to decrypt the current version.

“Then it’s down to reverse engineering malware analysis,” Nish explained.

A flaw in the AES-128 (crypto key) implementation exposed how frames were encrypted, enabling deeper analysis of the system's command architecture.

From there, researchers demonstrated pathways to intercept or even hijack communications — methods Nish believes will become essential in future drone work.

“Technically, we should be able to do that,” he said. “I don’t think anyone can do that today.”

Post Ukraine: What are the future drone threats?

Drone capabilities are accelerating rapidly as smartphone-grade chips, superior tracking with multiband GNSS, and edge-AI processing move into airborne systems.

ADVERTISEMENT

Nish warned that LEO (low earth orbit) satellite-backed 4G and 5G connectivity will soon enable long-range, resilient control links.

Also, Drone swarms – coordinated by mesh radios – mark another shift. “From a cyber perspective, this is basically a botnet,” he said.

Nish also predicted a spillover of battlefield drones into criminal markets once the Ukraine conflict ends, alongside maritime drones and even humanoid robots entering the threat landscape.

why-underwater-drones-are-making-waves-in-global-defense-and-seabed-ai_720
The threat isn't just airborne: maritime drones and humanoid robots will also require close monitoring

To counter these threats, Nish emphasized the need for digital forensics on crashed drones,

“How you get code out of systems to investigate it in a safe way is crucial - with a crashed drone - this may be the only specimen you are likely to get your hands on . It’s crucial that you do it right.”

Responsible vulnerability disclosure was also key, he added.

“Being able to find vulnerabilities and responsibly creating ways to produce attacks against the systems is another challenge. How can you not just jam a malicious drone but hijack the control of that drone to bring it down safely?”

Nish spoke to the room full of highly-skilled techies with some seriousness – this wasn’t one of those sessions teaching you how to break into vending machines or electric cars.

“Drones do kill people,” Nish emphasized, “so there is an urgency to this.”

ADVERTISEMENT

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Nadella scoffs at AI giants as Microsoft may host China’s DeepSeek
Cruel cyber training in Canada: testing if exhausted employees would fall for a 'day off' scam
Cloudflare gives AI agents temporary accounts to deploy websites without human logins
Developers giving attackers a free ride after hundreds of iPhone AI apps found exposing credentials
This tiny European country is pioneering digital ID for AI agents
Canadian lender TD tells some employees it will use software to monitor their work
ADVERTISEMENT